Presentation is loading. Please wait.

Presentation is loading. Please wait.

Document Digital Signature (DSG) Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical.

Published byJordan Bradley Modified over 8 years ago

Similar presentations

Presentation on theme: "Document Digital Signature (DSG) Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical."— Presentation transcript:

1 Document Digital Signature (DSG) Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical Comittee

2 June 28-29, 2005Interoperability Strategy Workshop2 W W W. I H E. N E T Providers and Vendors Working Together to Deliver Interoperable Health Information Systems In the Enterprise and Across Care Settings

3 June 28-29, 2005Interoperability Strategy Workshop3 IT Infrastructure Profiles 2004 Patient Identifier Cross-referencing for MPI (PIX) Retrieve Information for Display (RID) Consistent Time (CT) Patient Synchronized Applications (PSA) Enterprise User Authentication (EUA) 2005 Patient Demographic Query (PDQ) Cross Enterprise Document Sharing (XDS) Audit Trail and Note Authentication (ATNA) Personnel White Pages (PWP) 2006 Cross-Enterprise User Authentication (XUA) Document Digital Signature (DSG) – Notification of Document Availability (NAV) Patient Administration/Management (PAM) Document Digital Signature (DSG) Use of digital signatures to provide document integrity, non-repudiation and accountability.

4 June 28-29, 2005Interoperability Strategy Workshop4 Document Digital Signature Value Proposition Leverages XDS Document infrastructure Providing accountability Providing document integrity Providing non-repudiation Providing satisfactory evidence of: Authorship, Approval, Review, and Authentication Infrastructural pattern to be further profiled by domain specific groups (e-Prescribing, e-Referral)

5 June 28-29, 2005Interoperability Strategy Workshop5 Document Digital Signature Abstract/scope Provide signature mechanism Provide verification/validation mechanism Provide signature attributes Integration with XDS –Digital signing of documents in XDS –Access to documents in XDS independent of signatures

6 June 28-29, 2005Interoperability Strategy Workshop6 Document Digital Signature Out of scope Certificate management and PKI concepts Standards and implementations are available and will be discussed later Focus begins with signing, not encryption Partial Document Signature

7 June 28-29, 2005Interoperability Strategy Workshop7 Document Digital Signature Goals New Digital Signature Document format in XDS Leverages XDS for signature by reference Profile use of single / multiple signatures Profile use of nested signatures Provide signature integrity across intermediary processing –E-prescribing –Interface Engine

8 June 28-29, 2005Interoperability Strategy Workshop8 Document Digital Signatures Risk Mitigation Digital Signatures help mitigate risk for the following attacks: –In the storage or transmission of documents, characteristics of clinician orders reflected in the prescription could be modified. –In the storage or transmission of documents, characteristics of countersigned clinician orders reflected in the prescription could be modified. –A forged prescription could be introduced.

9 June 28-29, 2005Interoperability Strategy Workshop9 Document Digital Signatures Risks not mitigated The following scenarios will not be mitigated by using digital signatures and require additional security: –Corruption or bribery of a user, or counter-signer –Theft of a private key –Compromise of the physician’s workstation to allow access to the signing key –The confirmation process could be corrupted or modified. –The dispensing system could be corrupted or modified, including simple attacks like burglary. –The dispensing feedback could be corrupted, modified, or destroyed.

10 June 28-29, 2005Interoperability Strategy Workshop10 Document Digital Signature Use Cases 1.Attesting a document as true copy –Each subsequent use of the original signed digital document or a digital copy of the document can inspected signatures to assert that the documents are true copies of information attestable to the signer at the time of the signature ceremony Attesting content –When a clinician submits a clinical document to the XDS repository, the clinician using a digital certificate digitally signs the document Attesting to whole submission set Translation / Transformation

11 June 28-29, 2005Interoperability Strategy Workshop11 Document Digital Signature Use Cases: True Copy Use Case 1: Attesting a document as true copy Verify that the document in use by all parties is the same as the original document and has not been modified. Verify “document integrity”.

12 June 28-29, 2005Interoperability Strategy Workshop12 Document Digital Signature Use Cases: True Copy Non-XDS example: –A physician needs to forward results obtained from a third party to another clinician. There is a need to ensure that all parties are working from the same “true copy” XDS example: –Medical records staff who submit documents to XDS need to verify and attest their submission.

13 June 28-29, 2005Interoperability Strategy Workshop13 Document Digital Signature Use Cases: Attesting to Content Use Case 2: Attesting clinical information content Attest that a report is complete and correct Ability to verify that physician has verified and attested to report

14 June 28-29, 2005Interoperability Strategy Workshop14 Document Digital Signature Use Cases: Attesting to Content Non-XDS example: –A clinician needs to rely on the contents of a report created by another clinician; diagnosis, prescription content, etc – Also, this signature can not be repudiated. XDS example: –When a clinician submits content to XDS he/she signs it to take clinical responsibility for the content

15 June 28-29, 2005Interoperability Strategy Workshop15 Document Digital Signature Use Cases: Submission set Use Case 3: Attesting to a whole submission set A digitally signed manifest can indicate both: That a set of documents is authorized for release by signing clinician That the set is indeed the complete set of documents and their associated signatures Manifest signature does NOT verify content or correctness.

16 June 28-29, 2005Interoperability Strategy Workshop16 Document Digital Signature Use Cases: Submission Set The recipient organizations can use this digital signature to: identify the person who selected and authorized the release, obtain the complete list of documents released, verify that the released documents have not changed, and identify the associated XDS submission set.

17 June 28-29, 2005Interoperability Strategy Workshop17 Document Digital Signature Use Cases: Submission Set Non-XDS example: –Attesting to the completeness of a monthly submission of all TB patient records for statistical analysis –Attesting to the completeness of health records in a patient transfer XDS example: –Use XDS to send a collection of documents relating to a patient referral. Attest that submission includes complete set of relevent documents.

18 June 28-29, 2005Interoperability Strategy Workshop18 Document Digital Signature Use Cases: Translation Use Case 4: Translation Introduction of an additional signature to validate : The original document The original signature The translated document Used to verify that the translator had the original/true document, that the original document was signed, and that the translation has attested to the validity of the translation.

19 June 28-29, 2005Interoperability Strategy Workshop19 Document Digital Signature Use Cases: Translation

20 June 28-29, 2005Interoperability Strategy Workshop20 Document Digital Signature Use Cases: Translation Non-XDS example: –e-prescribing : Value added networks that translate the format of a prescription before forwarding it to a pharmacy XDS example: –Reference original document and original signature by using association-type to link them in XDS with translated version

21 June 28-29, 2005Interoperability Strategy Workshop21 Document Digital Signature Key Technical Properties W3C XML Signature structure –credentials, timestamp, and other signature attributes such as signature purpose Reference to document stored in XDS ISO TS17090 compliant digital certificates Provide for multiple signers

22 June 28-29, 2005Interoperability Strategy Workshop22 Document Digital Signature Signature Attributes Expand signature to include additional data relevant to the healthcare signature Includes the date and time the signature was calculated and applied The identity of the signer Signature Purpose

23 June 28-29, 2005Interoperability Strategy Workshop23 Document Digital Signature Signature Purpose From ASTM E1762 * “Author” - Author’s signature, “Author.Co” - Coauthor’s signature “Participant” - Co-participant’s signature “Transcriptionist/Recorder” “Verification” - Verification signature “Validation” - Validation signature “Consent” - Consent signature “Witness” - Witness signature “Witness.Event” - Event witness signature “Witness.Identity” - Identity witness signature such as a Notary “Witness.Consent” - Consent witness signature “Interpreter” “Review” - Review signature “Source” - Source signature “Addendum” - Addendum signature Administrative Timestamp

24 June 28-29, 2005Interoperability Strategy Workshop24 Document Digital Signature Additions to ASTM1762 The following items will be added to ASTM1762 –Modification –Authorization –Transformation –Recipient Modification is being worked on.

25 June 28-29, 2005Interoperability Strategy Workshop25 Document Digital Signature Transaction Diagram

26 June 28-29, 2005Interoperability Strategy Workshop26 Document Digital Signature Transaction Diagram

27 June 28-29, 2005Interoperability Strategy Workshop27 Document Digital Signature E-prescribing threats

28 June 28-29, 2005Interoperability Strategy Workshop28 Document Digital Signature Standards Used W3C XML Signature ISO 17090, 21091 ASTM E2212, E1985, E1762, E1084 IETF x509 DICOM supplement 41, 86 NCPDP HL7 CDA

29 June 28-29, 2005Interoperability Strategy Workshop29 More information…. IHE Web sites: www.ihe.net www.ihe.net Technical Frameworks, Supplements –Fill in relevant supplements and frameworks Non-Technical Brochures : Calls for Participation IHE Fact Sheet and FAQ IHE Integration Profiles: Guidelines for Buyers IHE Connect-a-thon Results Vendor Products Integration Statements

Download ppt "Document Digital Signature (DSG) Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical."

Similar presentations

IT Infrastructure Glen Marshall Siemens Health Solutions IHE IT Infrastructure Committee Co-chair.

IT Infrastructure Glen Marshall Siemens Health Solutions IHE IT Infrastructure Committee Co-chair.
Integrating the Healthcare Enterprise

Integrating the Healthcare Enterprise
September, 2005What IHE Delivers 1 Key Image Notes Evidence Documents Simple Image & Numeric Report Access to Radiology Information IHE Vendors Workshop.

September, 2005What IHE Delivers 1 Key Image Notes Evidence Documents Simple Image & Numeric Report Access to Radiology Information IHE Vendors Workshop.
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Patient Identifier Cross-referencing for MPI (PIX) Profile Mike Henderson.

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Patient Identifier Cross-referencing for MPI (PIX) Profile Mike Henderson.
June 28-29, 2005IHE Interoperability Workshop Keith W. Boone Dictaphone Corporation IHE ITI Technical Comittee Notification of Document Availability (NAV)

June 28-29, 2005IHE Interoperability Workshop Keith W. Boone Dictaphone Corporation IHE ITI Technical Comittee Notification of Document Availability (NAV)
IHE IT Infrastructure Outreach to Patient Care Coordination Domain Michael Nusbaum IT Infrastructure Planning Committee December 13 th, 2010.

IHE IT Infrastructure Outreach to Patient Care Coordination Domain Michael Nusbaum IT Infrastructure Planning Committee December 13 th, 2010.
September, 2005What IHE Delivers 1 Basic Patient Privacy Consents (BPPC) IHE Vendors Workshop 2006 IHE Patient Care Coordination Education

September, 2005What IHE Delivers 1 Basic Patient Privacy Consents (BPPC) IHE Vendors Workshop 2006 IHE Patient Care Coordination Education
PRESENTATION TITLE Name of Presenter Company Affiliation IHE Affiliation.

PRESENTATION TITLE Name of Presenter Company Affiliation IHE Affiliation.
June 28-29, 2005IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Cross-enterprise Document Sharing for Imaging (XDS-I) Rita Noumeir.

June 28-29, 2005IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Cross-enterprise Document Sharing for Imaging (XDS-I) Rita Noumeir.
Audit Trail and Node Authentication / Consistent Time

Audit Trail and Node Authentication / Consistent Time
Document Digital Signature (DSG) Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical.

Document Digital Signature (DSG) Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical.
September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT, EUA, PWP, DSIG IHE Vendors Workshop 2006 IHE IT Infrastructure Education Robert Horn,

September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT, EUA, PWP, DSIG IHE Vendors Workshop 2006 IHE IT Infrastructure Education Robert Horn,
Pathfinding Session: IT Infrastructure for Intra-Enterprise IHE North America Webinar Series 2008 Charles Parisot IT Infrastructure GE Healthcare.

Pathfinding Session: IT Infrastructure for Intra-Enterprise IHE North America Webinar Series 2008 Charles Parisot IT Infrastructure GE Healthcare.
Cross-Enterprise Document Sharing Cross-Enterprise Document Sharing Bill Majurski National Institute of Standards and Technology IT Infrastructure Co-Chair.

Cross-Enterprise Document Sharing Cross-Enterprise Document Sharing Bill Majurski National Institute of Standards and Technology IT Infrastructure Co-Chair.
Slide 1 Sharing Images without CDs, The Next Imaging Sea Change GE Healthcare Chris Lindop GE Healthcare Interoperability & Standards.

Slide 1 Sharing Images without CDs, The Next Imaging Sea Change GE Healthcare Chris Lindop GE Healthcare Interoperability & Standards.
Integrating the Healthcare Enterprise IHE Technical Committee Status IHE ITI Plan Committee - February 2004.

Integrating the Healthcare Enterprise IHE Technical Committee Status IHE ITI Plan Committee - February 2004.
Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.

Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.
What IHE Delivers Healthcare Provider Directories IHE IT Infrastructure Planning Committee Eric Heflin – Medicity/THSA.

What IHE Delivers Healthcare Provider Directories IHE IT Infrastructure Planning Committee Eric Heflin – Medicity/THSA.
Cross-Enterprise Document Sharing Cross-Enterprise Document Sharing Bill Majurski National Institute of Standards and Technology IT Infrastructure Co-Chair.

Cross-Enterprise Document Sharing Cross-Enterprise Document Sharing Bill Majurski National Institute of Standards and Technology IT Infrastructure Co-Chair.
Integrating the Healthcare Enterprise

Integrating the Healthcare Enterprise

Similar presentations

Ads by Google